EP2302833A3 - Method and apparatus for secure cryptographic key storage, certification and use - Google Patents

Method and apparatus for secure cryptographic key storage, certification and use Download PDF

Info

Publication number
EP2302833A3
EP2302833A3 EP10010031A EP10010031A EP2302833A3 EP 2302833 A3 EP2302833 A3 EP 2302833A3 EP 10010031 A EP10010031 A EP 10010031A EP 10010031 A EP10010031 A EP 10010031A EP 2302833 A3 EP2302833 A3 EP 2302833A3
Authority
EP
European Patent Office
Prior art keywords
key
pin
valid
correct
pseudo
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
EP10010031A
Other languages
German (de)
French (fr)
Other versions
EP2302833A2 (en
EP2302833B1 (en
Inventor
Balas Natarajan Kausik
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Arcot Systems LLC
Original Assignee
Arcot Systems LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Arcot Systems LLC filed Critical Arcot Systems LLC
Publication of EP2302833A2 publication Critical patent/EP2302833A2/en
Publication of EP2302833A3 publication Critical patent/EP2302833A3/en
Application granted granted Critical
Publication of EP2302833B1 publication Critical patent/EP2302833B1/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2127Bluffing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/08Randomization, e.g. dummy operations or using noise
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/20Manipulating the length of blocks of bits, e.g. padding or block truncation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Abstract

A digital wallet stores a cryptographically camouflaged access-controlled datum (330), e.g., a private key encrypted under the user's PIN (300). Entry of the correct PIN will correctly decrypt the stored key (330). Entry of certain "pseudo-valid" PINs will also decrypt the stored key, but incorrectly, resulting in a candidate key indistinguishable from the correct key (350). Such pseudo-valid PINs are spread thinly over the space of PINs, so that the valid user is unlikely to realize a pseudo-valid PIN via a typographical error in entering the correct PIN. In existing wallet technologies only the correct PIN produces a candidate key; thus, hackers can discover the correct PIN by exhaustive search.
EP10010031.2A 1997-12-23 1998-12-22 Method and apparatus for secure cryptographic key storage, certification and use Expired - Lifetime EP2302833B1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US08/996,758 US6170058B1 (en) 1997-12-23 1997-12-23 Method and apparatus for cryptographically camouflaged cryptographic key storage, certification and use
EP98965522A EP1048143B1 (en) 1997-12-23 1998-12-22 Method and apparatus for secure cryptographic key storage and use

Related Parent Applications (2)

Application Number Title Priority Date Filing Date
EP98965522.0 Division 1998-12-22
EP98965522A Division EP1048143B1 (en) 1997-12-23 1998-12-22 Method and apparatus for secure cryptographic key storage and use

Publications (3)

Publication Number Publication Date
EP2302833A2 EP2302833A2 (en) 2011-03-30
EP2302833A3 true EP2302833A3 (en) 2011-12-07
EP2302833B1 EP2302833B1 (en) 2018-02-14

Family

ID=25543275

Family Applications (2)

Application Number Title Priority Date Filing Date
EP98965522A Expired - Lifetime EP1048143B1 (en) 1997-12-23 1998-12-22 Method and apparatus for secure cryptographic key storage and use
EP10010031.2A Expired - Lifetime EP2302833B1 (en) 1997-12-23 1998-12-22 Method and apparatus for secure cryptographic key storage, certification and use

Family Applications Before (1)

Application Number Title Priority Date Filing Date
EP98965522A Expired - Lifetime EP1048143B1 (en) 1997-12-23 1998-12-22 Method and apparatus for secure cryptographic key storage and use

Country Status (11)

Country Link
US (2) US6170058B1 (en)
EP (2) EP1048143B1 (en)
JP (1) JP4463979B2 (en)
AT (1) ATE497658T1 (en)
AU (1) AU746966B2 (en)
CA (1) CA2314349C (en)
DE (1) DE69842122D1 (en)
ES (1) ES2359205T3 (en)
HK (1) HK1032306A1 (en)
NO (1) NO20003310L (en)
WO (1) WO1999033222A1 (en)

Families Citing this family (158)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
NO305420B1 (en) * 1997-09-02 1999-05-25 Ericsson Telefon Ab L M Device by computer communication system, especially by communication through firewalls
US7454782B2 (en) * 1997-12-23 2008-11-18 Arcot Systems, Inc. Method and system for camouflaging access-controlled data
US7328350B2 (en) * 2001-03-29 2008-02-05 Arcot Systems, Inc. Method and apparatus for secure cryptographic key generation, certification and use
US6574733B1 (en) * 1999-01-25 2003-06-03 Entrust Technologies Limited Centralized secure backup system and method
CA2371791A1 (en) 1999-02-12 2000-08-17 Mack Hicks System and method for providing certification-related and other services
FR2791203A1 (en) * 1999-03-17 2000-09-22 Schlumberger Systems & Service DEVICE FOR AUTHENTICATING A MESSAGE DURING A CRYPTOGRAPHIC PROCESSING OPERATION OF SAID MESSAGE
US6697948B1 (en) * 1999-05-05 2004-02-24 Michael O. Rabin Methods and apparatus for protecting information
US6629150B1 (en) * 1999-06-18 2003-09-30 Intel Corporation Platform and method for creating and using a digital container
US7111172B1 (en) * 1999-07-19 2006-09-19 Rsa Security Inc. System and methods for maintaining and distributing personal security devices
US20020029200A1 (en) 1999-09-10 2002-03-07 Charles Dulin System and method for providing certificate validation and other services
CA2384242A1 (en) * 1999-09-24 2001-04-05 Mary Mckenney System and method for providing payment services in electronic commerce
US6708049B1 (en) * 1999-09-28 2004-03-16 Nellcor Puritan Bennett Incorporated Sensor with signature of data relating to sensor
US6895391B1 (en) * 1999-11-09 2005-05-17 Arcot Systems, Inc. Method and system for secure authenticated payment on a computer network
US6718468B1 (en) * 1999-11-12 2004-04-06 International Business Machines Corporation Method for associating a password with a secured public/private key pair
US6704868B1 (en) * 1999-11-12 2004-03-09 International Business Machines Corporation Method for associating a pass phase with a secured public/private key pair
US8150767B2 (en) * 2000-02-16 2012-04-03 Mastercard International Incorporated System and method for conducting electronic commerce with a remote wallet server
AU2001265107A1 (en) * 2000-05-26 2001-12-11 Interchecks, Llc Methods and systems for network based electronic purchasing system
AU2001284882A1 (en) * 2000-08-14 2002-02-25 Peter H. Gien System and method for facilitating signing by buyers in electronic commerce
WO2002017553A2 (en) * 2000-08-18 2002-02-28 United States Postal Service Apparatus and methods for the secure transfer of electronic data
EP1325599A1 (en) 2000-09-08 2003-07-09 Guy S. Tallent System and method for providing authorization and other services
US7000105B2 (en) * 2000-09-08 2006-02-14 Identrus, Llc System and method for transparently providing certificate validation and other services within an electronic transaction
US6889209B1 (en) * 2000-11-03 2005-05-03 Shieldip, Inc. Method and apparatus for protecting information and privacy
US20020091929A1 (en) * 2000-12-19 2002-07-11 Jakob Ehrensvard Secure digital signing of data
US20020106085A1 (en) * 2001-01-05 2002-08-08 Sandeep Jain Security breach management
CA2436608A1 (en) * 2001-01-26 2002-08-01 Accenture Llp Method for an escrow function during a transaction using an electronic/physical mail address database framework
US7711122B2 (en) 2001-03-09 2010-05-04 Arcot Systems, Inc. Method and apparatus for cryptographic key storage wherein key servers are authenticated by possession and secure distribution of stored keys
GB2373074B (en) * 2001-03-10 2004-10-13 Ibm A method and apparatus for storage of security keys and certificates
JP4064647B2 (en) * 2001-08-24 2008-03-19 富士通株式会社 Information processing apparatus and input operation apparatus
US7376625B2 (en) * 2001-11-15 2008-05-20 Nokia Corporation System and method for activating individualized software modules in a digital broadcast environment
JP4157709B2 (en) * 2002-01-31 2008-10-01 富士通株式会社 Access control method and storage device
US7529944B2 (en) * 2002-02-07 2009-05-05 Activcard Ireland Limited Support for multiple login method
US7660988B2 (en) * 2002-03-18 2010-02-09 Cognomina, Inc. Electronic notary
US7899753B1 (en) 2002-03-25 2011-03-01 Jpmorgan Chase Bank, N.A Systems and methods for time variable financial authentication
WO2003093961A2 (en) * 2002-05-02 2003-11-13 Shieldip, Inc. Method and apparatus for protecting information and privacy
CA2427870C (en) * 2002-05-03 2014-07-08 Certicom Corp. Method and apparatus for performing elliptic curve arithmetic
EP1429224A1 (en) * 2002-12-10 2004-06-16 Texas Instruments Incorporated Firmware run-time authentication
AU2003900413A0 (en) * 2003-01-31 2003-02-13 Mckeon, Brian Bernard Regulated issuance of digital certificates
PL1624878T3 (en) * 2003-05-22 2007-01-31 Pantarhei Bioscience Bv Use of compositions comprising an estrogenic component for the treatment and prevention of musculoskeletal pain
US7299356B2 (en) * 2003-09-02 2007-11-20 Authernative, Inc. Key conversion method for communication session encryption and authentication system
US7581100B2 (en) * 2003-09-02 2009-08-25 Authernative, Inc. Key generation method for communication session encryption and authentication system
US7506161B2 (en) * 2003-09-02 2009-03-17 Authernative, Inc. Communication session encryption and authentication system
US7596704B2 (en) * 2003-10-10 2009-09-29 Jing-Jang Hwang Partition and recovery of a verifiable digital secret
US7562230B2 (en) * 2003-10-14 2009-07-14 Intel Corporation Data security
US20050154906A1 (en) * 2003-11-05 2005-07-14 Patrick Kriech BIOS locked application media
US20050131835A1 (en) * 2003-12-12 2005-06-16 Howell James A.Jr. System for pre-trusting of applications for firewall implementations
US20050201555A1 (en) * 2004-02-09 2005-09-15 I-Ling Yen System, method and apparatus for secure computation on encrypted data
US20050203843A1 (en) * 2004-03-12 2005-09-15 Wood George L. Internet debit system
US7418728B2 (en) * 2004-03-17 2008-08-26 Arcot Systems, Inc. Auditing secret key cryptographic operations
US7287159B2 (en) 2004-04-01 2007-10-23 Shieldip, Inc. Detection and identification methods for software
US7711965B2 (en) * 2004-10-20 2010-05-04 Intel Corporation Data security
US7620187B1 (en) * 2005-03-30 2009-11-17 Rockwell Collins, Inc. Method and apparatus for ad hoc cryptographic key transfer
US20070118735A1 (en) * 2005-11-10 2007-05-24 Jeff Cherrington Systems and methods for trusted information exchange
US7921304B2 (en) * 2005-12-06 2011-04-05 Microsoft Corporation Securing data set images
US8230487B2 (en) 2005-12-21 2012-07-24 International Business Machines Corporation Method and system for controlling access to a secondary system
DE102006015212B4 (en) * 2006-03-30 2017-05-04 Bundesdruckerei Gmbh Method for protecting a movable good, in particular a vehicle, against unauthorized use
US7992203B2 (en) * 2006-05-24 2011-08-02 Red Hat, Inc. Methods and systems for secure shared smartcard access
US8495380B2 (en) 2006-06-06 2013-07-23 Red Hat, Inc. Methods and systems for server-side key generation
US8332637B2 (en) * 2006-06-06 2012-12-11 Red Hat, Inc. Methods and systems for nonce generation in a token
US8098829B2 (en) * 2006-06-06 2012-01-17 Red Hat, Inc. Methods and systems for secure key delivery
US8180741B2 (en) 2006-06-06 2012-05-15 Red Hat, Inc. Methods and systems for providing data objects on a token
US8364952B2 (en) 2006-06-06 2013-01-29 Red Hat, Inc. Methods and system for a key recovery plan
US9769158B2 (en) 2006-06-07 2017-09-19 Red Hat, Inc. Guided enrollment and login for token users
US8707024B2 (en) 2006-06-07 2014-04-22 Red Hat, Inc. Methods and systems for managing identity management security domains
US8099765B2 (en) * 2006-06-07 2012-01-17 Red Hat, Inc. Methods and systems for remote password reset using an authentication credential managed by a third party
US8589695B2 (en) 2006-06-07 2013-11-19 Red Hat, Inc. Methods and systems for entropy collection for server-side key generation
US8412927B2 (en) * 2006-06-07 2013-04-02 Red Hat, Inc. Profile framework for token processing system
US8787566B2 (en) * 2006-08-23 2014-07-22 Red Hat, Inc. Strong encryption
US8806219B2 (en) * 2006-08-23 2014-08-12 Red Hat, Inc. Time-based function back-off
US8977844B2 (en) 2006-08-31 2015-03-10 Red Hat, Inc. Smartcard formation with authentication keys
US9038154B2 (en) 2006-08-31 2015-05-19 Red Hat, Inc. Token Registration
US8074265B2 (en) 2006-08-31 2011-12-06 Red Hat, Inc. Methods and systems for verifying a location factor associated with a token
US8356342B2 (en) 2006-08-31 2013-01-15 Red Hat, Inc. Method and system for issuing a kill sequence for a token
JP4551380B2 (en) * 2006-10-04 2010-09-29 株式会社日立製作所 Authentication system and method
US8693690B2 (en) 2006-12-04 2014-04-08 Red Hat, Inc. Organizing an extensible table for storing cryptographic objects
US20080178252A1 (en) * 2007-01-18 2008-07-24 General Instrument Corporation Password Installation in Home Networks
US8813243B2 (en) 2007-02-02 2014-08-19 Red Hat, Inc. Reducing a size of a security-related data object stored on a token
US8832453B2 (en) 2007-02-28 2014-09-09 Red Hat, Inc. Token recycling
US8639940B2 (en) 2007-02-28 2014-01-28 Red Hat, Inc. Methods and systems for assigning roles on a token
US9081948B2 (en) 2007-03-13 2015-07-14 Red Hat, Inc. Configurable smartcard
US20090006842A1 (en) * 2007-06-26 2009-01-01 John Gordon Ross Sealing Electronic Data Associated With Multiple Electronic Documents
US20090003588A1 (en) * 2007-06-26 2009-01-01 John Gordon Ross Counter Sealing Archives of Electronic Seals
US20090006258A1 (en) * 2007-06-26 2009-01-01 John Gordon Ross Registration Process
US20090006860A1 (en) * 2007-06-26 2009-01-01 John Gordon Ross Generating multiple seals for electronic data
US8793487B2 (en) * 2008-01-18 2014-07-29 Identrust, Inc. Binding a digital certificate to multiple trust domains
US9444622B2 (en) * 2008-09-15 2016-09-13 Hewlett Packard Enterprise Development Lp Computing platform with system key
US8520855B1 (en) * 2009-03-05 2013-08-27 University Of Washington Encapsulation and decapsulation for data disintegration
US8572394B2 (en) * 2009-09-04 2013-10-29 Computer Associates Think, Inc. OTP generation using a camouflaged key
IT1398518B1 (en) * 2009-09-25 2013-03-01 Colombo SAFE MILANO
US8533460B2 (en) * 2009-11-06 2013-09-10 Computer Associates Think, Inc. Key camouflaging method using a machine identifier
JP4656458B1 (en) * 2009-11-09 2011-03-23 Necインフロンティア株式会社 Handy terminal and payment method by handy terminal
US8843757B2 (en) * 2009-11-12 2014-09-23 Ca, Inc. One time PIN generation
EP2348452B1 (en) 2009-12-18 2014-07-02 CompuGroup Medical AG A computer implemented method for sending a message to a recipient user, receiving a message by a recipient user, a computer readable storage medium and a computer system
EP2348450B1 (en) 2009-12-18 2013-11-06 CompuGroup Medical AG Database system, computer system, and computer-readable storage medium for decrypting a data record
US8719587B2 (en) 2009-12-18 2014-05-06 CompuGroup Medical AG Computer implemented method for generating a pseudonym, computer readable storage medium and computer system
EP2348446B1 (en) * 2009-12-18 2015-04-15 CompuGroup Medical AG A computer implemented method for authenticating a user
ATE554454T1 (en) 2009-12-18 2012-05-15 CompuGroup Medical AG COMPUTER-IMPLEMENTED METHOD FOR GENERATING A PSEUDONYM, COMPUTER-READABLE STORAGE MEDIUM AND COMPUTER SYSTEM
US9544143B2 (en) 2010-03-03 2017-01-10 Duo Security, Inc. System and method of notifying mobile devices to complete transactions
US9532222B2 (en) 2010-03-03 2016-12-27 Duo Security, Inc. System and method of notifying mobile devices to complete transactions after additional agent verification
EP2365456B1 (en) 2010-03-11 2016-07-20 CompuGroup Medical SE Data structure, method and system for predicting medical conditions
US9282085B2 (en) * 2010-12-20 2016-03-08 Duo Security, Inc. System and method for digital user authentication
US8931069B2 (en) * 2011-03-09 2015-01-06 Ca, Inc. Authentication with massively pre-generated one-time passwords
US9467463B2 (en) 2011-09-02 2016-10-11 Duo Security, Inc. System and method for assessing vulnerability of a mobile device
US8763077B2 (en) 2011-10-07 2014-06-24 Duo Security, Inc. System and method for enforcing a policy for an authenticator device
US9524388B2 (en) 2011-10-07 2016-12-20 Duo Security, Inc. System and method for enforcing a policy for an authenticator device
US10979226B1 (en) * 2011-10-12 2021-04-13 Cybrsecurity Corporation Soft-token authentication system with token blocking after entering the wrong PIN
US8924712B2 (en) * 2011-11-14 2014-12-30 Ca, Inc. Using QR codes for authenticating users to ATMs and other secure machines for cardless transactions
DE112012005033B4 (en) * 2011-12-01 2020-12-17 International Business Machines Corporation Cross-system secure login
US20140068247A1 (en) * 2011-12-12 2014-03-06 Moose Loop Holdings, LLC Security device access
WO2013142158A1 (en) 2012-03-20 2013-09-26 Aperia Technologies Tire inflation system
US9887989B2 (en) 2012-06-23 2018-02-06 Pomian & Corella, Llc Protecting passwords and biometrics against back-end security breaches
US20140006781A1 (en) 2012-06-23 2014-01-02 Pomian & Corella, Llc Encapsulating the complexity of cryptographic authentication in black-boxes
US9361619B2 (en) * 2012-08-06 2016-06-07 Ca, Inc. Secure and convenient mobile authentication techniques
US9165130B2 (en) 2012-11-21 2015-10-20 Ca, Inc. Mapping biometrics to a unique key
US9338156B2 (en) 2013-02-22 2016-05-10 Duo Security, Inc. System and method for integrating two-factor authentication in a device
US9607156B2 (en) 2013-02-22 2017-03-28 Duo Security, Inc. System and method for patching a device through exploitation
US9443073B2 (en) 2013-08-08 2016-09-13 Duo Security, Inc. System and method for verifying status of an authentication device
US8893230B2 (en) 2013-02-22 2014-11-18 Duo Security, Inc. System and method for proxying federated authentication protocols
US9037865B1 (en) 2013-03-04 2015-05-19 Ca, Inc. Method and system to securely send secrets to users
US9325499B1 (en) * 2013-06-24 2016-04-26 Emc Corporation Message encryption and decryption utilizing low-entropy keys
US9053310B2 (en) 2013-08-08 2015-06-09 Duo Security, Inc. System and method for verifying status of an authentication device through a biometric profile
US9092302B2 (en) 2013-09-10 2015-07-28 Duo Security, Inc. System and method for determining component version compatibility across a device ecosystem
US9608814B2 (en) 2013-09-10 2017-03-28 Duo Security, Inc. System and method for centralized key distribution
CN103763103B (en) * 2013-12-31 2017-02-01 飞天诚信科技股份有限公司 Method for generating off-line authentication certifications through intelligent card
US9762590B2 (en) 2014-04-17 2017-09-12 Duo Security, Inc. System and method for an integrity focused authentication service
US9838205B2 (en) 2014-09-16 2017-12-05 Keypasco Ab Network authentication method for secure electronic transactions
US9231925B1 (en) * 2014-09-16 2016-01-05 Keypasco Ab Network authentication method for secure electronic transactions
GB2531770A (en) * 2014-10-30 2016-05-04 Ibm Confidential Extracting System Internal Data
US9979719B2 (en) 2015-01-06 2018-05-22 Duo Security, Inc. System and method for converting one-time passcodes to app-based authentication
US20160260091A1 (en) * 2015-03-04 2016-09-08 THC Farmaceuticals, Inc. Universal wallet for digital currency
US9641341B2 (en) 2015-03-31 2017-05-02 Duo Security, Inc. Method for distributed trust authentication
GB2538052B (en) * 2015-04-27 2019-07-03 Gurulogic Microsystems Oy Encoder, decoder, encryption system, encryption key wallet and method
US20160335627A1 (en) * 2015-05-11 2016-11-17 Gemalto Sa Method, device and a server for signing data
US10009324B2 (en) * 2015-06-29 2018-06-26 American Express Travel Related Services Company, Inc. Host card emulation systems and methods
US9774579B2 (en) 2015-07-27 2017-09-26 Duo Security, Inc. Method for key rotation
CN108431698A (en) 2015-10-23 2018-08-21 西维克斯控股有限责任公司 The system and method being authenticated using mobile device
US10277569B1 (en) * 2015-12-03 2019-04-30 Amazon Technologies, Inc. Cross-region cache of regional sessions
US9900160B1 (en) 2015-12-03 2018-02-20 Amazon Technologies, Inc. Asymmetric session credentials
US10182044B1 (en) 2015-12-03 2019-01-15 Amazon Technologies, Inc. Personalizing global session identifiers
US9894067B1 (en) 2015-12-03 2018-02-13 Amazon Technologies, Inc. Cross-region roles
WO2017160660A2 (en) * 2016-03-15 2017-09-21 Visa International Service Association Validation cryptogram for interaction
WO2017201406A1 (en) * 2016-05-19 2017-11-23 Arris Enterprises Llc Implicit rsa certificates
WO2018020369A1 (en) * 2016-07-29 2018-02-01 nChain Holdings Limited Blockchain-implemented method and system
GB201617620D0 (en) * 2016-10-18 2016-11-30 Cybernetica As Composite digital signatures
US10607017B2 (en) * 2017-01-04 2020-03-31 Ca, Inc. Restricting access to sensitive data using tokenization
AT519755B1 (en) * 2017-02-14 2018-10-15 Avl List Gmbh CYLINDER HOUSING OF AN INTERNAL COMBUSTION ENGINE
US10665047B1 (en) 2017-04-28 2020-05-26 1 Micro, LLC Methods and apparatus for accessing secured physical assets
CN107508686B (en) * 2017-10-18 2020-07-03 克洛斯比尔有限公司 Identity authentication method and system, computing device and storage medium
US10412113B2 (en) 2017-12-08 2019-09-10 Duo Security, Inc. Systems and methods for intelligently configuring computer security
US10680820B2 (en) * 2018-03-09 2020-06-09 Coolbitx Ltd. Method of creating and recovering digital wallet
US10693648B2 (en) * 2018-03-26 2020-06-23 Ca, Inc. System and method for dynamic grid authentication
US11941610B2 (en) 2018-07-13 2024-03-26 Circle Internet Financial, Ltd Cryptocurrency securing system and method
US20200036527A1 (en) * 2018-07-24 2020-01-30 Ca, Inc. User authentication based on password-specific cryptographic keys
WO2020046786A1 (en) * 2018-08-27 2020-03-05 Fireblocks Ltd. System and method for securing crypto-asset transactions
US11386429B2 (en) * 2018-10-12 2022-07-12 Cybavo Pte. Ltd. Cryptocurrency securing method and device thereof
EP3654578B1 (en) * 2018-11-16 2022-04-06 SafeTech BV Methods and systems for cryptographic private key management for secure multiparty storage and transfer of information
US11658962B2 (en) 2018-12-07 2023-05-23 Cisco Technology, Inc. Systems and methods of push-based verification of a transaction
WO2021159052A1 (en) * 2020-02-08 2021-08-12 Cameron Laghaeian Method and apparatus for managing encryption keys and encrypted electronic information on a network server
US11915242B2 (en) * 2021-12-30 2024-02-27 The Adt Security Corporation Premises security system with secure embedded cryptocurrency storage

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5124117A (en) * 1989-08-07 1992-06-23 Matsushita Electric Industrial Co., Ltd. Cryptographic key distribution method and system
US5651066A (en) * 1994-04-28 1997-07-22 Nippon Telegraph And Telephone Corporation Cipher key distribution system effectively preventing illegitimate use and charging of enciphered information

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3798605A (en) 1971-06-30 1974-03-19 Ibm Centralized verification system
US5206905A (en) * 1989-05-15 1993-04-27 Dallas Semiconductor Corp. Password protected device using incorrect passwords as seed values for pseudo-random number generator for outputting random data to thwart unauthorized accesses
US5142578A (en) * 1991-08-22 1992-08-25 International Business Machines Corporation Hybrid public key algorithm/data encryption algorithm key distribution method based on control vectors
US6408388B1 (en) 1993-05-05 2002-06-18 Addison M. Fischer Personal date/time notary device
US5668876A (en) 1994-06-24 1997-09-16 Telefonaktiebolaget Lm Ericsson User authentication method and apparatus
EP0719446B1 (en) * 1994-07-18 2003-02-19 Koninklijke Philips Electronics N.V. Thin-panel picture display device
US5535276A (en) * 1994-11-09 1996-07-09 Bell Atlantic Network Services, Inc. Yaksha, an improved system and method for securing communications using split private key asymmetric cryptography
CA2194475A1 (en) 1994-07-19 1996-02-01 Frank W. Sudia Method for securely using digital signatures in a commercial cryptographic system
US5694471A (en) * 1994-08-03 1997-12-02 V-One Corporation Counterfeit-proof identification card
US5604801A (en) * 1995-02-03 1997-02-18 International Business Machines Corporation Public key data communications system under control of a portable security device
US5606615A (en) * 1995-05-16 1997-02-25 Lapointe; Brian K. Computer security system
EP0753816A1 (en) * 1995-07-07 1997-01-15 Thomson Consumer Electronics, Inc. A method and apparatus for storing sensitive information securely in a relatively insecure storage medium
US5745574A (en) * 1995-12-15 1998-04-28 Entegrity Solutions Corporation Security infrastructure for electronic transactions
US5761306A (en) * 1996-02-22 1998-06-02 Visa International Service Association Key replacement in a public key cryptosystem
US5818936A (en) * 1996-03-15 1998-10-06 Novell, Inc. System and method for automically authenticating a user in a distributed network system
FR2747208B1 (en) * 1996-04-09 1998-05-15 Clemot Olivier METHOD OF CONCEALING A SECRET CODE IN A COMPUTER AUTHENTICATION DEVICE
US5815573A (en) * 1996-04-10 1998-09-29 International Business Machines Corporation Cryptographic key recovery system
US6002768A (en) * 1996-05-07 1999-12-14 International Computer Science Institute Distributed registration and key distribution system and method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5124117A (en) * 1989-08-07 1992-06-23 Matsushita Electric Industrial Co., Ltd. Cryptographic key distribution method and system
US5651066A (en) * 1994-04-28 1997-07-22 Nippon Telegraph And Telephone Corporation Cipher key distribution system effectively preventing illegitimate use and charging of enciphered information

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
MENEZES, VANSTONE, OORSCHOT: "Handbook of Applied Cryptography", January 1997, CRC PRESS LLC, USA, XP002662409 *

Also Published As

Publication number Publication date
AU2097399A (en) 1999-07-12
DE69842122D1 (en) 2011-03-17
ES2359205T3 (en) 2011-05-19
AU746966B2 (en) 2002-05-09
EP2302833A2 (en) 2011-03-30
ATE497658T1 (en) 2011-02-15
CA2314349C (en) 2005-09-06
WO1999033222A1 (en) 1999-07-01
EP2302833B1 (en) 2018-02-14
NO20003310L (en) 2000-08-22
HK1032306A1 (en) 2001-07-13
US6956950B2 (en) 2005-10-18
JP4463979B2 (en) 2010-05-19
US6170058B1 (en) 2001-01-02
US20010008012A1 (en) 2001-07-12
EP1048143A1 (en) 2000-11-02
EP1048143A4 (en) 2006-02-01
JP2001527325A (en) 2001-12-25
CA2314349A1 (en) 1999-07-01
NO20003310D0 (en) 2000-06-23
EP1048143B1 (en) 2011-02-02

Similar Documents

Publication Publication Date Title
EP2302833A3 (en) Method and apparatus for secure cryptographic key storage, certification and use
US6370629B1 (en) Controlling access to stored information based on geographical location and date and time
WO1999003277A3 (en) Arrangement for independently requesting a playing authorization for a reproduced encrypted information signal
US6035398A (en) Cryptographic key generation using biometric data
US6084968A (en) Security token and method for wireless applications
WO2003041324A3 (en) Biometrics template
GB2339518B (en) Method for secure key management using a biometric
WO2002080170A3 (en) Method and system for providing bus encryption based on cryptographic key exchange
EP0894377A4 (en) A method for providing a secure non-reusable one-time password
EP0706118A4 (en) Data protection system
HK1029648A1 (en) Software carrier for play on a system for authenticating software carriers
NO943457D0 (en) "Smart card" adapted to multiple service providers and secondary utilization
CA2241745A1 (en) Method and apparatus for controlling access to encrypted data files in a computer system
WO2003015370A3 (en) Data certification method and apparatus
EP0268141A3 (en) Remote access terminal security
CA2068488A1 (en) Hybrid public key algorithm/data encryption algorithm key distribution method based on control vectors
WO2002051126A3 (en) Method and system for trusted digital camera
AU1190988A (en) Process and apparatus for the protection of secret elements in a network of encrypting devices with open key management
CA2373787A1 (en) Self authentication ciphertext chaining
MX9602654A (en) A method and apparatus for storing sensitive information securely in a relatively insecure storage medium.
KR20010052103A (en) A remotely accessible private space using a fingerprint
JP2003529143A (en) Security biometric identification system and method
KR20010039815A (en) Encrypting communication system and encrypting communication method
RU2004109811A (en) METHOD FOR INITIALIZING A CHIP CARD
WO2000000882A3 (en) Apparatus and method for end-to-end authentication using biometric data

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AC Divisional application: reference to earlier application

Ref document number: 1048143

Country of ref document: EP

Kind code of ref document: P

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

PUAL Search report despatched

Free format text: ORIGINAL CODE: 0009013

AK Designated contracting states

Kind code of ref document: A3

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

RIC1 Information provided on ipc code assigned before grant

Ipc: G07F 7/10 20060101ALI20111031BHEP

Ipc: G06F 21/00 20060101ALI20111031BHEP

Ipc: H04L 9/32 20060101ALI20111031BHEP

Ipc: H04L 9/08 20060101AFI20111031BHEP

17P Request for examination filed

Effective date: 20120601

17Q First examination report despatched

Effective date: 20121105

REG Reference to a national code

Ref country code: DE

Ref legal event code: R079

Ref document number: 69843660

Country of ref document: DE

Free format text: PREVIOUS MAIN CLASS: H04L0009320000

Ipc: G06F0021620000

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

RIC1 Information provided on ipc code assigned before grant

Ipc: G07F 7/10 20060101ALI20170221BHEP

Ipc: H04L 9/32 20060101ALI20170221BHEP

Ipc: H04L 9/08 20060101ALI20170221BHEP

Ipc: G06Q 20/02 20120101ALI20170221BHEP

Ipc: G06F 21/62 20130101AFI20170221BHEP

Ipc: G06Q 20/38 20120101ALI20170221BHEP

Ipc: H04L 29/06 20060101ALI20170221BHEP

INTG Intention to grant announced

Effective date: 20170324

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AC Divisional application: reference to earlier application

Ref document number: 1048143

Country of ref document: EP

Kind code of ref document: P

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 69843660

Country of ref document: DE

Ref country code: AT

Ref legal event code: REF

Ref document number: 970292

Country of ref document: AT

Kind code of ref document: T

Effective date: 20180315

REG Reference to a national code

Ref country code: NL

Ref legal event code: MP

Effective date: 20180214

REG Reference to a national code

Ref country code: AT

Ref legal event code: MK05

Ref document number: 970292

Country of ref document: AT

Kind code of ref document: T

Effective date: 20180214

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20180214

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20180214

Ref country code: NL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20180214

Ref country code: ES

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20180214

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20180214

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20180214

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20180515

REG Reference to a national code

Ref country code: DE

Ref legal event code: R081

Ref document number: 69843660

Country of ref document: DE

Owner name: CA, INC., NEW YORK, US

Free format text: FORMER OWNER: ARCOT SYSTEMS, INC., SANTA CLARA, CALIF., US

REG Reference to a national code

Ref country code: DE

Ref legal event code: R097

Ref document number: 69843660

Country of ref document: DE

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20180214

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

REG Reference to a national code

Ref country code: DE

Ref legal event code: R071

Ref document number: 69843660

Country of ref document: DE

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

26N No opposition filed

Effective date: 20181115

REG Reference to a national code

Ref country code: BE

Ref legal event code: MK

Effective date: 20181222

Ref country code: IE

Ref legal event code: MK9A

REG Reference to a national code

Ref country code: GB

Ref legal event code: PE20

Expiry date: 20181221

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IE

Free format text: LAPSE BECAUSE OF EXPIRATION OF PROTECTION

Effective date: 20181222

Ref country code: GB

Free format text: LAPSE BECAUSE OF EXPIRATION OF PROTECTION

Effective date: 20181221

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20180614